How hackers stole millions from cashpoints around the world.

A security flaw saw criminals steal millions of pound from cashpoints around the world, an investigation has found.

Sophisticated hackers exploited a security flaw in cashpoints around the world to steal millions of pounds, researchers have found.

Criminals, working at night, were able to break into ATMs in Europe, Asia and America by loading malicious software – or “malware” – onto the machines.

The malware, “Tyupkin”, was uncovered by researchers at security group Kaspersky. Interpol, the international police organisation, is investigating the matter.

Vicente Diaz, Kaspersky’s principle security researcher, said the attack was the most wide-ranging hack of its kind that had been identified.

How it works

Hackers open the ATM and insert a CD loaded with the malware.

After that, they restart the machine, giving them control. The software then runs on a loop waiting for two uniquely-generated passwords – one known by the hackers at the scene and one given to them by phone.

Once these are entered, the cashpoint’s screen flashes up a message reading: Cash operation permitted. To start dispense operation – enter cassette number and press Enter.

The screen also displays how many notes are in each of its cassettes. The hacker selects which cassette to empty, and 40 notes are released from the machine.

How the cashpoint screen looks once it has been hacked

The malware only works on Sunday and Monday nights, when areas around cashpoints are most likely to be deserted, in order to avoid detection.

The attacks, which have successfully stolen millions, do not even require the use of a credit card.

Extent of attacks

Kaspersky said it had identified 31 attacks that had taken place using the machines, but that the true number of attacks will have been higher.

The vast majority of those identified were in Russia, with others in the US, India and China.

No attacks were identified in the UK, although Mr Diaz said UK bodies had been among those who had made their concerns about cashpoint hacks known.

“In the UK there have been these kind of attacks, it could be Tyupkin and it could not,” he said. “The UK was in the loop.”

He added: “Over the past few years, we have observed a major upswing in ATM attacks using skimming devices and malicious software. Now we are seeing the natural evolution of this threat with cybercriminals moving up the chain and targeting financial institutions directly.”

Cybersecurity at banks

Vulnerability to hacking attacks is a growing issue among financial institutions. Last week, JP Morgan said 84m individuals and businesses had their information compromised.

“Offenders are constantly identifying new ways to evolve their methodologies to commit crimes, and it is essential that we keep law enforcement in our member countries involved and informed about current trends and modus operandi,” said Sanjay Virmani, director of Interpol’s digital crime centre.